Can we have M365 users with different domain suffixes on the same TailNet?

Hi there Guys,

We have users with different domain suffixes but all part of the same team. For e.g., I may have user1@domain.com and user2@domain.net. They are all different Microsoft 365 domains and this variance is historical and cannot be changed overnight.

Whilst using TailScale - this ends up creating separate Tailnets for domain.com and domain.net with no shared resources/devices/services between them.

What’s the best approach to have such users (with varying domain suffixes) to access the same TailNet? Thanks for any help or guidance.

1 Like

We have the SAME exact scenario however running on Google Workspace. Our executive team runs in .com, our contractors on .net and our call centers users run on a completely separate domain, but all hosted under the same Google Workspace account. We’re moving from CloudFlare teams to tailscale and this was not an issue with CF. Just set some simple rule as to which domains can login. I dont see anything like this in Tailscale.

Looking for the best methods to execute this.

Hi there LoadSpark,

I ended up deploying a tailscale router container per domain that advertises the routes to the appropriate tailnet (by domain). This allowed people in these different TailNets to connect to my intended “landing virtual network” on Azure which we call the “access network”. That’s what worked for me…

Yes if your reach out to support they can enable those other domains. We have done that for a few customers as they have that situation with Office 365

1 Like